Open Source Security Tools
Open source security tools offer numerous benefits to enterprise security, but they can also come with their own vulnerabilities. Here you'll find news, expert advice, learning tools and white papers on Snort, Nmap, Nessus and other popular open source security tools.
Article
(19)
-
TUTORIAL: Using Scapy to test Snort rules
Learn how to use Scapy, a Python-based tool, to use packet crafting to test rules you create in the Snort intrusion detection system.
-
VIDEO TUTORIAL: Connect to remote networks with PuTTY
This video tutorial explains how to use open source tool PuTTY as an SSH, telnet and rlogin client, to help test and improve your network's security.
-
How to copy a live server to enable investigation of a security incident
If you think a server has been compromised, but cannot take the server offline, you need to create an exact copy of every last bit on its disks. This story explains how to do so, using tools like DCFLDD.
-
VIDEO: Learn how to operate "Rootkit Hunter" to protect Linux and BSD
Watch this video to learn how to install and operate Rootkit Hunter, software that detects rootkits for Linux and BSD.
-
When to use open source security products instead of commercial software
If your IT budget has been cut, open source security tools can give you the security you need at a price you'll like.
-
Snort and MSFT's recent remote code execution bug
Learn how Snort can help to work with a remote code execution bug Microsoft identified in November 2008.
-
BackTrack Version 3 is here
Kevin Beaver reviews version 3 of BackTrack, a free, Linux-based, security assessment tool he says is as good as anything else on the market.
-
SCREENCAST: Using Wikto to analyse a web server
Learn how to use Wikto, a free tool, to analyse bad directories on a web server and much more in this screencast.
-
Finding Snort's new features
Richard Bejtlich explains how to get the most out of the new release of Snort.
-
Google shares its struggle to manage security complexities
Google's head of security and governance shares the challenges of managing security at the Internet giant.
-
Snort creator Martin Roesch previews Snort 3.0
Snort creator Martin Roesch has previewed a new version of the software.
-
How to use shared object rules in Snort
Shared object (SO) rules were introduced in Snort 2.6.0. Richard Bejtlich tells you how to use them!
-
The limitations of Snort and how to overcome them
Snort is a very powerful tool, but users will do well to note its limitations as well as its strengths, as we explain in this guide to using Snort effectively.
-
Free Web application security testing tools you need to get to know
Commercial application security testing tools tend to provide better results than their freeware and open source counterparts. But when cost is a factor, the free tools described here are a great alternative.
-
Open source security making ground?
Gartner analysts may expect open source software to make up as much as 22% of the total commercial software market sometime this decade, but sales of open source security products still lag behind other categories, experts said.
-
Tor network 'bridges' help evade blockers
A new feature developed for the Tor network helps keep websites from blocking Tor by using relays with IP addresses not listed in the Tor directory.
-
Meet the hacker Fyodor, creator of Nmap
Nmap, the open source security scanner and network mapping tool, hit double digits in 2007. Nmap creator, Fyodor, told us about its genesis.
-
Screencast: Snort -- Tactics for basic network analysis
In this step-by-step demo, Tom Bowers explains how the Snort open source IDS tool works and illustrates how it can help security pros assess network security.
-
Wireshark: Taking a bite out of packet analysis
If you need to sniff out problem packets, you don't have to spend thousands of dollars on network data analysis. Scott Sidel recommends a free tool that's right under your nose: Wireshark.
News
(3)
Tips
(19)
-
Using Snort's Unified Output features
Learn how to use Snort's Unified Output features in this tip.
-
Nessus: Vulnerability scanning in the enterprise
Our Nessus series continues with general advice for vulnerability scanning in the enterprise with the open source vulnerability scanner.
-
How to run a Nessus system scan
In the second tip in our series on running Nessus in the enterprise, our contributor takes you step-by-step through the process of running a Nessus system scan. View screenshots of the Nessus interface and learn commands for the Unix Nessus GUI.
-
How to install and configure Nessus
Learn how to use the open source scanner Nessus to find and fix the gaping security holes in your network in this tip.
-
Open source security tools
Open source security tools are often as powerful and effective as their commercial cousins. This guide collects four of the best and shows you how to use them!
-
Get the most out of Snort - Part Three
More on Snort's Command Line modes
-
Get the most out of Snort - Part Two
Our second look at Snort explores its command line output modes
-
Get the most out of Snort
In the first of a three-part series, we offer some hands-on tips about the open source security tool Snort.
-
Secure file copying with WinSCP
Learn how WinSCP, an open source SFTP and FTP client for Windows can assist security pros in secure file copying.
-
Digital forensics tool Helix 'does no harm'
Forensics isn't just for the scientists. This month, contributor Scott Sidel recommends Helix, a digital forensics tool that can do some important detective work on your system.
-
BackTrack is one forward-thinking penetration testing tool
In this SearchSecurity.com expert commentary, security expert Scott Sidel discusses the mechanics behind BackTrack 2.0, an extensive collaboration of security and forensics tools designed to assist security professionals.
-
Nessus can spot some monster security problems
If given the choice of only one vulnerability scanner, Contributing Editor Scott Sidel would use Nessus. Find out why in this Guest Commentary Tip.
-
KeePass -- Keeping passwords under lock and key
Can't remember all of your passwords? Contributing Editor, Scott Sidel, recommends KeePass, an easy-to-use open source password manager.
-
Google Code Search -- Finding security flaws has never been easier
While Google Code Search may offer a number of benefits that will help improve application security, hackers have learned how to use the search giant's code-finding engine to exploit security weaknesses. In this tip, Ed Skoudis examines how malicious hackers use Google Code Search, how it affects the open source and commercial software communities and how enterprises can defend against Google Code Search abuse.
-
Nmap and the open source debate
Upper management may be hesitant to approve the use of an open source tool, but Nmap has many benefits. This tip offers selling points to present to upper management when proposing the use of Nmap.
-
Nmap parsers and interfaces
SearchSecurity expert contributor Michael Cobb continues his series on Nmap with a detailed look at Nmap parsers and interfaces.
-
Nmap in the enterprise: Interpreting and acting on Nmap results
As we continue our series on Nmap in the enterprise, SearchSecurity expert contributor Michael Cobb explains how to run some of the more regular scans you'll need to perform with Nmap.
-
Can Snort read multi-platform syslogs?
Most security pros are aware of Snort's network intrusion detection capabilities, but can this freeware tool read and monitor multi-platform syslogs? Network security expert Mike Chapple tackles this question in this Ask the Expert Q&A.
-
Are there any patch management products that track the patching process?
Before you dip into your IT budget to solve your patching problems, read this Q&A. Our platform security expert examines why security pros should consider using available freeware products to track and manage their patching process.
General Content
(1)
-
Fuzzing: Brute Force Vulnerability Discovery
In this Chapter 21 excerpt from "Fuzzing: Brute Force Vulnerability Discovery," authors Michael Sutton, Adam Greene, and Pedram Amini examine SPIKE, one of the most popular and widely used fuzzing frameworks.
© 2010 TechTarget ANZ. All Rights Reserved. Designated trademarks and brands are the property of their respective owners. Use of this website constitutes acceptance of the TechTarget ANZ Terms and Conditions and Privacy Policy.